This data security and privacy statement applies to all Utoolity Apps offered in the Atlassian Marketplace. It outlines the collection and processing of your data by us in general, for Cloud and Server Apps, as well as App specific details, if necessary.
Customer Account Data
Once you license or subscribe to one of our products, Atlassian provides us with your license details, including the name and email address of your registered Atlassian contacts. Utoolity uses this data for accounting, security incident reporting, support, and customer enablement.
We do not have any access to your customer data beyond the information provided by Atlassian over the course of evaluating or purchasing our products.
Customer Support Data
As an active or potential customer, you may choose to register with our support systems (Jira Software, Jira Service Management, Confluence) in order to submit support requests or access non-public information. We will also register you in those instances if you choose to contact our support team per email. With such registration, we will store your email address, name (if given), and support details in our support systems running in the Atlassian Cloud. Should the support details contain personal data, we recommend anonymizing the data, if possible. If you wish for your personal information to be removed from the Utoolity support systems, please contact our privacy team.
All data provided to us in the context of a support request will only be used to analyze and solve your requests. Without your explicit consent or a legal basis, your personal data will not be shared with third parties.
Access to Customer Data
Only authorized Utoolity GmbH employees and subcontractors have access to customer data. Subcontractors are contractually bound to the same data security and privacy standards as our employees.
Third-party Service Providers
We use the follwing third-party service providers:
- Atlassian (Atlassian Pty Ltd)
Purpose: Support Management Services
- AWS (Amazon Web Services, Inc.)
Purpose: Hosting and general IT Services
AWS Privacy Notice
- Blue Gecko (Blue Gecko Marketing GmbH)
Purpose: Marketing, Design, and Customer Success
- GANDI (GANDI SAS)
Purpose: Domain and Email Services
- Twilio (Twilio Inc.)
Purpose: Communication Services
Twilio Privacy Statement
We constantly strive to keep our products and data secure. If you detect/suspect any security vulnerability, contact our security team, and we will work on a solution to the issue immediately.
Our Server Apps store all data exclusively within your server instances. They do not collect or transmit any data to us, except for the embedded support widgets, which will do so only if you use them to raise a support request – see section Customer Support Data for details.
Our Cloud Apps are developed according to the principle of "Datensparsamkeit" ("data minimization"). We strive to only collect or transmit data that is necessary for the app's operation. If the app requires data storage, our first choice is to use the native Atlassian Cloud product storage, which is subject to the Atlassian security practices. Our apps will not store any data outside of the Atlassian Cloud product, except if otherwise noted below.
Exceptions for all Cloud Apps:
- Installation metadata – if technically required, metadata provided by the Atlassian Cloud platform will be stored in app specific storage external to the Atlassian Cloud
- Performance caches – where applicable, data can be cached temporarily for performance reasons
Exceptions for specific Cloud Apps:
- There are no app specific exceptions at this point
Your information is controlled by Utoolity GmbH. If you have questions or concerns about how your data is handled, please direct your inquiry to:
Revisions to this Statement
Utoolity may update, modify or amend (together, "revise") this statement as our portfolio evolves, including any referenced policies and other documents. We keep a version history of these changes.
(Effective as of April 19th 2021)